PT-2024-8979 · Linux+3 · Linux Kernel+3

Published

2024-05-24

Updated

2024-11-27

CVE-2021-47569

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.16.0-rc1-syzkaller

Description: The issue is related to the io uring component of the Linux kernel, which is associated with incorrect resource locking. This can lead to a denial of service when the callback is executed in a fallback mode for exiting tasks. The vulnerability requires the original task's context to perform cancellations, and if the task is dying, the cancellation attempt fails.

Recommendations: To resolve the issue, update the Linux kernel to a version that includes the fix for the io uring component. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Improper Locking

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-667

Related Identifiers

BDU:2024-10661

CVE-2021-47569

SUSE-SU-2024:2008-1

SUSE-SU-2024:2019-1

SUSE-SU-2024:2190-1

Affected Products

Astra Linux

Linux Kernel

Red Os

Suse

PT-2024-8979 · Linux+3 · Linux Kernel+3

CVE-2021-47569

Weakness Enumeration

Related Identifiers

Affected Products

References · 1181